Primary

Context

Changing Clinic Image System SQL Injection Vulnerability

Vulnerability

A SQL injection vulnerability has been identified in the Clinic Image System developed by Changing, specifically in versions through 2.4.23.2131, excluding 1.5.x.x and 2.0.x.x. This vulnerability allows unauthenticated remote attackers to inject arbitrary SQL commands, potentially leading to unauthorized access to database contents.

Impact

Exploitation of this vulnerability could allow attackers to read sensitive data from the database, which may include personal health information or other confidential records.

Remediation

Users are advised to update to version 2.4.23.2131 or later.

Added: Aug 29, 2025, 4:20 AM

Updated: Aug 29, 2025, 4:20 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Changing Clinic Image System SQL Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating